ruby-keychain 0.3.1 → 0.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4efbc44b1070dee58c312948985249d799d84278
-  data.tar.gz: aafa371eab422c0fea83c4b878722937ee4fd7d5
+  metadata.gz: 7c2ee5b2ee12fb40fcc21b22df81639cb35104bf
+  data.tar.gz: c0863f638b7b25276ea88dfabe29ed20be92b72f
 SHA512:
-  metadata.gz: 046246e35a3c27d9545caad0ee3c2287a4b7eb2c6b88b5c796ec971d603a896bebaeee3fd32a02503c1ade4c893e46f522f69e32a00fb59d5e3e75cd1bb102b5
-  data.tar.gz: a1a7c7d7495792d9d1163b70093e2a968bfb1ae6a19f91ffd563cfce926746279859bd5c7aad3814e26c3bcb71734339df0802ebfc106ab193dc92af426d1894
+  metadata.gz: 2096c6908718c18c3cb741305e75141519a94f49c3439a98ceee5e780713fff9f684e8ee9962e670953eb848c8a28bfa5bcbe73ce7754d0dd679a96c91b3d6b7
+  data.tar.gz: 3b8f5d1789f5183ce0abac2cdad770b92f8b21ccf01998ce8dba185700e183e1f935053e11a4bae75a60e8541f5fec682f97bcfc8018f21a942bd51d74a30a90

data/lib/keychain/access.rb

@@ -1,3 +1,5 @@
-class Keychain::Access < Sec::Base
-  register_type 'SecAccess'
+module Keychain
+  class Access < Sec::Base
+    register_type 'SecAccess'
+  end
 end

data/lib/keychain/certificate.rb

@@ -15,43 +15,45 @@ module Sec
   attach_variable 'kSecAttrPublicKeyHash', :pointer
 end
 
-class Keychain::Certificate < Sec::Base
-  register_type 'SecCertificate'
-
-  ATTR_MAP = {CF::Base.typecast(Sec::kSecAttrAccessGroup) => :access_group,
-              CF::Base.typecast(Sec::kSecAttrCertificateType) => :certificate_type,
-              CF::Base.typecast(Sec::kSecAttrCertificateEncoding) => :certificate_encoding,
-              CF::Base.typecast(Sec::kSecAttrLabel) => :label,
-              CF::Base.typecast(Sec::kSecAttrSubject) => :subject,
-              CF::Base.typecast(Sec::kSecAttrIssuer) => :issuer,
-              CF::Base.typecast(Sec::kSecAttrSerialNumber) => :serial_number,
-              CF::Base.typecast(Sec::kSecAttrSubjectKeyID) => :subject_key_id,
-              CF::Base.typecast(Sec::kSecAttrPublicKeyHash) => :public_key_hash}
-
-  ATTR_MAP[CF::Base.typecast(Sec::kSecAttrAccessible)] = :accessible if defined?(Sec::kSecAttrAccessible)
-  ATTR_MAP[CF::Base.typecast(Sec::kSecAttrAccessControl)] = :access_control if defined?(Sec::kSecAttrAccessControl)
-
-  INVERSE_ATTR_MAP = ATTR_MAP.invert
-  define_attributes(ATTR_MAP)
-
-  def klass
-    Sec::Classes::CERTIFICATE.to_ruby
+module Keychain
+  class Certificate < Sec::Base
+    register_type 'SecCertificate'
+
+    ATTR_MAP = {CF::Base.typecast(Sec::kSecAttrAccessGroup) => :access_group,
+                CF::Base.typecast(Sec::kSecAttrCertificateType) => :certificate_type,
+                CF::Base.typecast(Sec::kSecAttrCertificateEncoding) => :certificate_encoding,
+                CF::Base.typecast(Sec::kSecAttrLabel) => :label,
+                CF::Base.typecast(Sec::kSecAttrSubject) => :subject,
+                CF::Base.typecast(Sec::kSecAttrIssuer) => :issuer,
+                CF::Base.typecast(Sec::kSecAttrSerialNumber) => :serial_number,
+                CF::Base.typecast(Sec::kSecAttrSubjectKeyID) => :subject_key_id,
+                CF::Base.typecast(Sec::kSecAttrPublicKeyHash) => :public_key_hash}
+
+    ATTR_MAP[CF::Base.typecast(Sec::kSecAttrAccessible)] = :accessible if defined?(Sec::kSecAttrAccessible)
+    ATTR_MAP[CF::Base.typecast(Sec::kSecAttrAccessControl)] = :access_control if defined?(Sec::kSecAttrAccessControl)
+
+    INVERSE_ATTR_MAP = ATTR_MAP.invert
+    define_attributes(ATTR_MAP)
+
+    def klass
+      Sec::Classes::CERTIFICATE.to_ruby
+    end
+
+    def public_key
+      key_ref = FFI::MemoryPointer.new(:pointer)
+      status = Sec.SecCertificateCopyPublicKey(self, key_ref)
+      Sec.check_osstatus(status)
+
+      Key.new(key_ref.read_pointer).release_on_gc
+    end
+
+    def x509
+      data_ptr = Sec.SecCertificateCopyData(self)
+      data = CF::Data.new(data_ptr)
+
+      result = OpenSSL::X509::Certificate.new(data.to_s)
+      data.release
+      result
+    end
   end
-
-  def public_key
-    key_ref = FFI::MemoryPointer.new(:pointer)
-    status = Sec.SecCertificateCopyPublicKey(self, key_ref)
-    Sec.check_osstatus(status)
-
-    Keychain::Key.new(key_ref.read_pointer).release_on_gc
-  end
-
-  def x509
-    data_ptr = Sec.SecCertificateCopyData(self)
-    data = CF::Data.new(data_ptr)
-
-    result = OpenSSL::X509::Certificate.new(data.to_s)
-    data.release
-    result
-  end
-end
+end

data/lib/keychain/error.rb

@@ -6,16 +6,18 @@ end
 # The base class of all keychain related errors
 #
 # The original error code is available as `code`
-class Keychain::Error < StandardError
-  attr_accessor :code
-  def initialize(code)
-    self.code = code
-    description = Sec.SecCopyErrorMessageString(code, nil)
-    if description.null?
-      super("Sec Error #{code}")
-    else
-      description = CF::Base.typecast(description)
-      super("#{description.to_s} (#{code})")
+module Keychain
+  class  Error < StandardError
+    attr_accessor :code
+    def initialize(code)
+      self.code = code
+      description = Sec.SecCopyErrorMessageString(code, nil)
+      if description.null?
+        super("Sec Error #{code}")
+      else
+        description = CF::Base.typecast(description)
+        super("#{description.to_s} (#{code})")
+      end
     end
   end
 end

data/lib/keychain/identity.rb

@@ -8,46 +8,48 @@ module Sec
   attach_variable 'kSecAttrLabel', :pointer
 end
 
-class Keychain::Identity < Sec::Base
-  register_type 'SecIdentity'
+module Keychain
+  class Identity < Sec::Base
+    register_type 'SecIdentity'
 
-  ATTR_MAP = Keychain::Certificate::ATTR_MAP.merge(Keychain::Key::ATTR_MAP)
+    ATTR_MAP = Certificate::ATTR_MAP.merge(Key::ATTR_MAP)
 
-  INVERSE_ATTR_MAP = ATTR_MAP.invert
-  define_attributes(ATTR_MAP)
+    INVERSE_ATTR_MAP = ATTR_MAP.invert
+    define_attributes(ATTR_MAP)
 
-  def klass
-    Sec::Classes::IDENTITY.to_ruby
-  end
+    def klass
+      Sec::Classes::IDENTITY.to_ruby
+    end
 
-  def certificate
-    certificate_ref = FFI::MemoryPointer.new(:pointer)
-    status = Sec.SecIdentityCopyCertificate(self, certificate_ref)
-    Sec.check_osstatus(status)
+    def certificate
+      certificate_ref = FFI::MemoryPointer.new(:pointer)
+      status = Sec.SecIdentityCopyCertificate(self, certificate_ref)
+      Sec.check_osstatus(status)
 
-    Keychain::Certificate.new(certificate_ref.read_pointer).release_on_gc
-  end
+      Certificate.new(certificate_ref.read_pointer).release_on_gc
+    end
 
-  def private_key
-    key_ref = FFI::MemoryPointer.new(:pointer)
-    status = Sec.SecIdentityCopyPrivateKey(self, key_ref)
-    Sec.check_osstatus(status)
+    def private_key
+      key_ref = FFI::MemoryPointer.new(:pointer)
+      status = Sec.SecIdentityCopyPrivateKey(self, key_ref)
+      Sec.check_osstatus(status)
 
-    Keychain::Key.new(key_ref.read_pointer).release_on_gc
-  end
+      Key.new(key_ref.read_pointer).release_on_gc
+    end
 
-  def pkcs12(passphrase='')
-    flags = Sec::SecItemImportExportKeyParameters.new
-    flags[:version] = Sec::SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION
-    flags[:passphrase] = CF::String.from_string(passphrase).to_ptr
+    def pkcs12(passphrase='')
+      flags = Sec::SecItemImportExportKeyParameters.new
+      flags[:version] = Sec::SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION
+      flags[:passphrase] = CF::String.from_string(passphrase).to_ptr
 
-    data_ptr = FFI::MemoryPointer.new(:pointer)
-    status = Sec.SecItemExport(self, :kSecFormatPKCS12, 0, flags, data_ptr)
-    Sec.check_osstatus(status)
+      data_ptr = FFI::MemoryPointer.new(:pointer)
+      status = Sec.SecItemExport(self, :kSecFormatPKCS12, 0, flags, data_ptr)
+      Sec.check_osstatus(status)
 
-    data = CF::Data.new(data_ptr.read_pointer)
-    result = OpenSSL::PKCS12.new(data.to_s)
-    data.release
-    result
+      data = CF::Data.new(data_ptr.read_pointer)
+      result = OpenSSL::PKCS12.new(data.to_s)
+      data.release
+      result
+    end
   end
-end
+end

data/lib/keychain/item.rb

@@ -9,166 +9,168 @@ end
 # An individual item from the keychain. Individual accessors are generated for the items attributes
 #
 #
-class Keychain::Item < Sec::Base
-  register_type 'SecKeychainItem'
-
-  ATTR_MAP = {CF::Base.typecast(Sec::kSecAttrAccess) => :access,
-              CF::Base.typecast(Sec::kSecAttrAccount) => :account,
-              CF::Base.typecast(Sec::kSecAttrAuthenticationType) => :authentication_type,
-              CF::Base.typecast(Sec::kSecAttrComment) => :comment,
-              CF::Base.typecast(Sec::kSecAttrCreationDate) => :created_at,
-              CF::Base.typecast(Sec::kSecAttrCreator) => :creator,
-              CF::Base.typecast(Sec::kSecAttrDescription) => :description,
-              CF::Base.typecast(Sec::kSecAttrGeneric) => :generic,
-              CF::Base.typecast(Sec::kSecAttrIsInvisible) => :invisible,
-              CF::Base.typecast(Sec::kSecAttrIsNegative) => :negative,
-              CF::Base.typecast(Sec::kSecAttrLabel) => :label,
-              CF::Base.typecast(Sec::kSecAttrModificationDate) => :updated_at,
-              CF::Base.typecast(Sec::kSecAttrPath) => :path,
-              CF::Base.typecast(Sec::kSecAttrPort) => :port,
-              CF::Base.typecast(Sec::kSecAttrProtocol) => :protocol,
-              CF::Base.typecast(Sec::kSecAttrSecurityDomain) => :security_domain,
-              CF::Base.typecast(Sec::kSecAttrServer) => :server,
-              CF::Base.typecast(Sec::kSecAttrService) => :service,
-              CF::Base.typecast(Sec::kSecAttrType) => :type,
-              CF::Base.typecast(Sec::kSecClass)    => :klass}
-
-  INVERSE_ATTR_MAP = ATTR_MAP.invert
-  define_attributes(ATTR_MAP)
-
-  # returns a programmer friendly description of the item
-  # @return [String]
-  def inspect
-    "<SecKeychainItem 0x#{@ptr.address.to_s(16)} #{service ? "service: #{service}" : "server: #{server}"} account: #{account}>"
-  end
+module Keychain
+  class Item < Sec::Base
+    register_type 'SecKeychainItem'
+
+    ATTR_MAP = {CF::Base.typecast(Sec::kSecAttrAccess) => :access,
+                CF::Base.typecast(Sec::kSecAttrAccount) => :account,
+                CF::Base.typecast(Sec::kSecAttrAuthenticationType) => :authentication_type,
+                CF::Base.typecast(Sec::kSecAttrComment) => :comment,
+                CF::Base.typecast(Sec::kSecAttrCreationDate) => :created_at,
+                CF::Base.typecast(Sec::kSecAttrCreator) => :creator,
+                CF::Base.typecast(Sec::kSecAttrDescription) => :description,
+                CF::Base.typecast(Sec::kSecAttrGeneric) => :generic,
+                CF::Base.typecast(Sec::kSecAttrIsInvisible) => :invisible,
+                CF::Base.typecast(Sec::kSecAttrIsNegative) => :negative,
+                CF::Base.typecast(Sec::kSecAttrLabel) => :label,
+                CF::Base.typecast(Sec::kSecAttrModificationDate) => :updated_at,
+                CF::Base.typecast(Sec::kSecAttrPath) => :path,
+                CF::Base.typecast(Sec::kSecAttrPort) => :port,
+                CF::Base.typecast(Sec::kSecAttrProtocol) => :protocol,
+                CF::Base.typecast(Sec::kSecAttrSecurityDomain) => :security_domain,
+                CF::Base.typecast(Sec::kSecAttrServer) => :server,
+                CF::Base.typecast(Sec::kSecAttrService) => :service,
+                CF::Base.typecast(Sec::kSecAttrType) => :type,
+                CF::Base.typecast(Sec::kSecClass)    => :klass}
+
+    INVERSE_ATTR_MAP = ATTR_MAP.invert
+    define_attributes(ATTR_MAP)
+
+    # returns a programmer friendly description of the item
+    # @return [String]
+    def inspect
+      "<SecKeychainItem 0x#{@ptr.address.to_s(16)} #{service ? "service: #{service}" : "server: #{server}"} account: #{account}>"
+    end
 
-  # Creates a new keychain item either from an FFI::Pointer or a hash of attributes
-  #
-  # @param [FFI::Pointer, Hash] attrs_or_pointer Either an FFI::Pointer to an existing 
-  #   SecKeychainItemRef to wrap or hash of attributes to create a new, unsaved Keychain::Item from
-  #   see {Keychain::Scope#create}
-  #  
-  def self.new(attrs_or_pointer)
-    if attrs_or_pointer.is_a? Hash
-      super(0).tap do |result|
-        attrs_or_pointer.each {|k,v| result.send("#{k}=", v)}
+    # Creates a new keychain item either from an FFI::Pointer or a hash of attributes
+    #
+    # @param [FFI::Pointer, Hash] attrs_or_pointer Either an FFI::Pointer to an existing 
+    #   SecKeychainItemRef to wrap or hash of attributes to create a new, unsaved Keychain::Item from
+    #   see {Keychain::Scope#create}
+    #  
+    def self.new(attrs_or_pointer)
+      if attrs_or_pointer.is_a? Hash
+        super(0).tap do |result|
+          attrs_or_pointer.each {|k,v| result.send("#{k}=", v)}
+        end
+      else
+        super
       end
-    else
-      super
     end
-  end
 
-  # Removes the item from the associated keychain
-  #
-  def delete
-    status = Sec.SecKeychainItemDelete(self)
-    Sec.check_osstatus(status)
-    self
-  end
+    # Removes the item from the associated keychain
+    #
+    def delete
+      status = Sec.SecKeychainItemDelete(self)
+      Sec.check_osstatus(status)
+      self
+    end
 
-  # Set a new password for the item
-  # @note The new password is not saved into the keychain until you call {Keychain::Item#save!}
-  # @param [String] value The new value for the password
-  # @return [String] The set value
-  def password=(value)
-    @unsaved_password = value
-  end
+    # Set a new password for the item
+    # @note The new password is not saved into the keychain until you call {Keychain::Item#save!}
+    # @param [String] value The new value for the password
+    # @return [String] The set value
+    def password=(value)
+      @unsaved_password = value
+    end
 
-  # Fetches the password data associated with the item. This may cause the user to be asked for access
-  # @return [String] The password data, an ASCII_8BIT encoded string
-  def password
-    return @unsaved_password if @unsaved_password
-    out_buffer = FFI::MemoryPointer.new(:pointer)
-    status = Sec.SecItemCopyMatching({Sec::Query::ITEM_LIST => CF::Array.immutable([self]),
-                                      Sec::Query::SEARCH_LIST => [self.keychain],
-                                      Sec::Query::CLASS => self.klass,
-                                      Sec::Query::RETURN_DATA => true}.to_cf, out_buffer)
-    Sec.check_osstatus(status)
-    CF::Base.typecast(out_buffer.read_pointer).release_on_gc.to_s
-  end
+    # Fetches the password data associated with the item. This may cause the user to be asked for access
+    # @return [String] The password data, an ASCII_8BIT encoded string
+    def password
+      return @unsaved_password if @unsaved_password
+      out_buffer = FFI::MemoryPointer.new(:pointer)
+      status = Sec.SecItemCopyMatching({Sec::Query::ITEM_LIST => CF::Array.immutable([self]),
+                                        Sec::Query::SEARCH_LIST => [self.keychain],
+                                        Sec::Query::CLASS => self.klass,
+                                        Sec::Query::RETURN_DATA => true}.to_cf, out_buffer)
+      Sec.check_osstatus(status)
+      CF::Base.typecast(out_buffer.read_pointer).release_on_gc.to_s
+    end
 
-  # Attempts to update the keychain with any changes made to the item
-  # or saves a previously unpersisted item
-  # @param [optional, Hash] options extra options when saving the item
-  # @option options [Keychain::Keychain] :keychain when saving an unsaved item, they keychain to save it in
-  # @return [Keychain::Item] returns the item
-  def save!(options={})
-    if persisted?
-      cf_dict = update
-    else
-      cf_dict = create(options)
-      self.ptr = cf_dict[Sec::Value::REF].to_ptr
-      self.retain.release_on_gc
+    # Attempts to update the keychain with any changes made to the item
+    # or saves a previously unpersisted item
+    # @param [optional, Hash] options extra options when saving the item
+    # @option options [Keychain::Keychain] :keychain when saving an unsaved item, they keychain to save it in
+    # @return [Keychain::Item] returns the item
+    def save!(options={})
+      if persisted?
+        cf_dict = update
+      else
+        cf_dict = create(options)
+        self.ptr = cf_dict[Sec::Value::REF].to_ptr
+        self.retain.release_on_gc
+      end
+      @unsaved_password = nil
+      update_self_from_dictionary(cf_dict)
+      cf_dict.release
+      self
     end
-    @unsaved_password = nil
-    update_self_from_dictionary(cf_dict)
-    cf_dict.release
-    self
-  end
 
-  # @private
-  def self.from_dictionary_of_attributes(cf_dict)
-    new(0).tap {|item| item.send :update_self_from_dictionary, cf_dict}
-  end
+    # @private
+    def self.from_dictionary_of_attributes(cf_dict)
+      new(0).tap {|item| item.send :update_self_from_dictionary, cf_dict}
+    end
 
-  # Whether the item has been persisted to the keychain
-  # @return [Boolean]
-  def persisted?
-    !@ptr.null?
-  end
+    # Whether the item has been persisted to the keychain
+    # @return [Boolean]
+    def persisted?
+      !@ptr.null?
+    end
 
-  private
+    private
 
-  def create(options)
-    result = FFI::MemoryPointer.new :pointer
-    query = build_create_query(options)
-    query.merge!(build_new_attributes)
-    status = Sec.SecItemAdd(query, result);
-    Sec.check_osstatus(status)
-    cf_dict = CF::Base.typecast(result.read_pointer)
-  end
+    def create(options)
+      result = FFI::MemoryPointer.new :pointer
+      query = build_create_query(options)
+      query.merge!(build_new_attributes)
+      status = Sec.SecItemAdd(query, result);
+      Sec.check_osstatus(status)
+      cf_dict = CF::Base.typecast(result.read_pointer)
+    end
 
-  def update
-    status = Sec.SecItemUpdate({Sec::Query::SEARCH_LIST => [self.keychain],
-                                Sec::Query::ITEM_LIST => [self],
-                                Sec::Query::CLASS => klass}.to_cf, build_new_attributes);
-    Sec.check_osstatus(status)
-
-    result = FFI::MemoryPointer.new :pointer
-    query = build_refresh_query
-    status = Sec.SecItemCopyMatching(query, result);
-    Sec.check_osstatus(status)
-    cf_dict = CF::Base.typecast(result.read_pointer)
-  end
-    
-  def build_create_query options
-    query = CF::Dictionary.mutable
-    query[Sec::Value::DATA] = CF::Data.from_string(@unsaved_password) if @unsaved_password
-    query[Sec::Query::KEYCHAIN] = options[:keychain] if options[:keychain] 
-    query[Sec::Query::RETURN_ATTRIBUTES] = CF::Boolean::TRUE
-    query[Sec::Query::RETURN_REF] = CF::Boolean::TRUE
-    query
-  end
+    def update
+      status = Sec.SecItemUpdate({Sec::Query::SEARCH_LIST => [self.keychain],
+                                  Sec::Query::ITEM_LIST => [self],
+                                  Sec::Query::CLASS => klass}.to_cf, build_new_attributes);
+      Sec.check_osstatus(status)
+
+      result = FFI::MemoryPointer.new :pointer
+      query = build_refresh_query
+      status = Sec.SecItemCopyMatching(query, result);
+      Sec.check_osstatus(status)
+      cf_dict = CF::Base.typecast(result.read_pointer)
+    end
+      
+    def build_create_query options
+      query = CF::Dictionary.mutable
+      query[Sec::Value::DATA] = CF::Data.from_string(@unsaved_password) if @unsaved_password
+      query[Sec::Query::KEYCHAIN] = options[:keychain] if options[:keychain] 
+      query[Sec::Query::RETURN_ATTRIBUTES] = CF::Boolean::TRUE
+      query[Sec::Query::RETURN_REF] = CF::Boolean::TRUE
+      query
+    end
 
-  def build_refresh_query
-    query = CF::Dictionary.mutable
-    query[Sec::Query::SEARCH_LIST] = CF::Array.immutable([self.keychain])
-    query[Sec::Query::ITEM_LIST] = CF::Array.immutable([self])
-    query[Sec::Query::RETURN_ATTRIBUTES] = CF::Boolean::TRUE
-    query[Sec::Query::RETURN_REF] = CF::Boolean::TRUE
-    query[Sec::Query::CLASS] = klass.to_cf
-    query
-  end
+    def build_refresh_query
+      query = CF::Dictionary.mutable
+      query[Sec::Query::SEARCH_LIST] = CF::Array.immutable([self.keychain])
+      query[Sec::Query::ITEM_LIST] = CF::Array.immutable([self])
+      query[Sec::Query::RETURN_ATTRIBUTES] = CF::Boolean::TRUE
+      query[Sec::Query::RETURN_REF] = CF::Boolean::TRUE
+      query[Sec::Query::CLASS] = klass.to_cf
+      query
+    end
 
-  def build_new_attributes
-    new_attributes = CF::Dictionary.mutable
-    @attributes.each do |k,v|
-      next if k == :created_at || k == :updated_at
-      next if k == :klass && persisted?
-      k = self.class::INVERSE_ATTR_MAP[k]
-      new_attributes[k] = v.to_cf
+    def build_new_attributes
+      new_attributes = CF::Dictionary.mutable
+      @attributes.each do |k,v|
+        next if k == :created_at || k == :updated_at
+        next if k == :klass && persisted?
+        k = self.class::INVERSE_ATTR_MAP[k]
+        new_attributes[k] = v.to_cf
+      end
+      new_attributes[Sec::Value::DATA] = CF::Data.from_string(@unsaved_password) if @unsaved_password
+      new_attributes
     end
-    new_attributes[Sec::Value::DATA] = CF::Data.from_string(@unsaved_password) if @unsaved_password
-    new_attributes
   end
 end

data/lib/keychain/key.rb

@@ -67,48 +67,50 @@ module Sec
 
 end
 
-class Keychain::Key < Sec::Base
-  register_type 'SecKey'
-
-  ATTR_MAP = {CF::Base.typecast(Sec::kSecAttrAccessGroup) => :access_group,
-              CF::Base.typecast(Sec::kSecAttrKeyClass) => :key_class,
-              CF::Base.typecast(Sec::kSecAttrLabel) => :label,
-              CF::Base.typecast(Sec::kSecAttrApplicationLabel) => :application_label,
-              CF::Base.typecast(Sec::kSecAttrIsPermanent) => :is_permanent,
-              CF::Base.typecast(Sec::kSecAttrApplicationTag) => :application_tag,
-              CF::Base.typecast(Sec::kSecAttrKeyType) => :key_type,
-              CF::Base.typecast(Sec::kSecAttrKeySizeInBits) => :size_in_bites,
-              CF::Base.typecast(Sec::kSecAttrEffectiveKeySize) => :effective_key_size,
-              CF::Base.typecast(Sec::kSecAttrCanEncrypt) => :can_encrypt,
-              CF::Base.typecast(Sec::kSecAttrCanDecrypt) => :can_decrypt,
-              CF::Base.typecast(Sec::kSecAttrCanDerive) => :can_derive,
-              CF::Base.typecast(Sec::kSecAttrCanSign) => :can_sign,
-              CF::Base.typecast(Sec::kSecAttrCanVerify) => :can_verify,
-              CF::Base.typecast(Sec::kSecAttrCanWrap) => :can_wrap,
-              CF::Base.typecast(Sec::kSecAttrCanUnwrap) => :can_unwrap}
-
-  ATTR_MAP[CF::Base.typecast(Sec::kSecAttrAccessible)] = :accessible if defined?(Sec::kSecAttrAccessible)
-  ATTR_MAP[CF::Base.typecast(Sec::kSecAttrAccessControl)] = :access_control if defined?(Sec::kSecAttrAccessControl)
-
-  INVERSE_ATTR_MAP = ATTR_MAP.invert
-  define_attributes(ATTR_MAP)
-
-  def klass
-    Sec::Classes::KEY.to_ruby
-  end
-
-  def export(passphrase = nil, format = :kSecFormatUnknown)
-    flags = Sec::SecItemImportExportKeyParameters.new
-    flags[:version] = Sec::SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION
-    flags[:passphrase] = CF::String.from_string(passphrase).to_ptr if passphrase
-
-    data_ptr = FFI::MemoryPointer.new(:pointer)
-    status = Sec.SecItemExport(self, format, :kSecItemPemArmour, flags, data_ptr)
-    Sec.check_osstatus(status)
-
-    data = CF::Data.new(data_ptr.read_pointer)
-    result = data.to_s
-    data.release
-    result
+module Keychain
+  class Key < Sec::Base
+    register_type 'SecKey'
+
+    ATTR_MAP = {CF::Base.typecast(Sec::kSecAttrAccessGroup) => :access_group,
+                CF::Base.typecast(Sec::kSecAttrKeyClass) => :key_class,
+                CF::Base.typecast(Sec::kSecAttrLabel) => :label,
+                CF::Base.typecast(Sec::kSecAttrApplicationLabel) => :application_label,
+                CF::Base.typecast(Sec::kSecAttrIsPermanent) => :is_permanent,
+                CF::Base.typecast(Sec::kSecAttrApplicationTag) => :application_tag,
+                CF::Base.typecast(Sec::kSecAttrKeyType) => :key_type,
+                CF::Base.typecast(Sec::kSecAttrKeySizeInBits) => :size_in_bites,
+                CF::Base.typecast(Sec::kSecAttrEffectiveKeySize) => :effective_key_size,
+                CF::Base.typecast(Sec::kSecAttrCanEncrypt) => :can_encrypt,
+                CF::Base.typecast(Sec::kSecAttrCanDecrypt) => :can_decrypt,
+                CF::Base.typecast(Sec::kSecAttrCanDerive) => :can_derive,
+                CF::Base.typecast(Sec::kSecAttrCanSign) => :can_sign,
+                CF::Base.typecast(Sec::kSecAttrCanVerify) => :can_verify,
+                CF::Base.typecast(Sec::kSecAttrCanWrap) => :can_wrap,
+                CF::Base.typecast(Sec::kSecAttrCanUnwrap) => :can_unwrap}
+
+    ATTR_MAP[CF::Base.typecast(Sec::kSecAttrAccessible)] = :accessible if defined?(Sec::kSecAttrAccessible)
+    ATTR_MAP[CF::Base.typecast(Sec::kSecAttrAccessControl)] = :access_control if defined?(Sec::kSecAttrAccessControl)
+
+    INVERSE_ATTR_MAP = ATTR_MAP.invert
+    define_attributes(ATTR_MAP)
+
+    def klass
+      Sec::Classes::KEY.to_ruby
+    end
+
+    def export(passphrase = nil, format = :kSecFormatUnknown)
+      flags = Sec::SecItemImportExportKeyParameters.new
+      flags[:version] = Sec::SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION
+      flags[:passphrase] = CF::String.from_string(passphrase).to_ptr if passphrase
+
+      data_ptr = FFI::MemoryPointer.new(:pointer)
+      status = Sec.SecItemExport(self, format, :kSecItemPemArmour, flags, data_ptr)
+      Sec.check_osstatus(status)
+
+      data = CF::Data.new(data_ptr.read_pointer)
+      result = data.to_s
+      data.release
+      result
+    end
   end
 end

data/lib/keychain/trusted_application.rb

@@ -1,3 +1,5 @@
-class Keychain::TrustedApplication < Sec::Base
-  register_type 'SecTrustedApplication'
+module Keychain
+  class TrustedApplication < Sec::Base
+    register_type 'SecTrustedApplication'
+  end
 end

data/lib/keychain/version.rb

@@ -1,4 +1,4 @@
 module Keychain
   # The current version string
-  VERSION = '0.3.1'
+  VERSION = '0.3.2'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ruby-keychain
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.2
 platform: ruby
 authors:
 - Frederick Cheung